Philippines health insurer hacked: What we know
/ Photo: JAM STA ROSA - AFP
-
FIFA announce new peace prize to be awarded at World Cup draw in Washington
-
Australia's Cummins hints at return for second Ashes Test
-
Boeing settles with one plaintiff in 737 MAX crash trial
-
Man City win as Inter stay perfect, Barca held in Champions League
-
French superstar DJ Snake wants new album to 'build bridges'
-
Barca rescue draw at Club Brugge in six-goal thriller
-
Foden hits top form as Man City thrash Dortmund
-
NBA officials brief Congress committee over gambling probe
-
Inter beat Kairat Almaty to maintain Champions League perfection
-
Newcastle sink Bilbao to extend Champions League winning run
-
Wall Street stocks rebound after positive jobs data
-
LPGA, European tour partner with Saudis for new Vegas event
-
Eyes turn to space to feed power-hungry data centers
-
Jazz lose Kessler for season with shoulder injury
-
League scoring leader Messi among MLS Best XI squad
-
MLS bans Suarez for Miami's winner-take-all playoff match
-
McIlroy appreciates PGA of America apology for Ryder Cup abuse
-
Garnacho equaliser saves Chelsea in Qarabag draw
-
Promotions lift McDonald's sales in tricky consumer market
-
Five things to know about New York's new mayor
-
Anisimova beats Swiatek to reach WTA Finals last four
-
US Supreme Court appears skeptical of Trump tariff legality
-
AC Milan post third straight annual profit on day of San Siro purchase
-
Angelina Jolie visits Ukrainian frontline city, media reports say
-
UN says forests should form key plank of COP30
-
Star designer Rousteing quits fashion group Balmain
-
Mexico's Sheinbaum steps up cartel fight after murder of anti-narco mayor
-
Attack on funeral in Sudan's Kordofan region kills 40: UN
-
Key PSG trio set for spell on sidelines
-
Democrats punch back in US elections - and see hope for 2026
-
BMW reports rising profitability, shares jump
-
US Supreme Court debates legality of Trump's tariffs
-
Bolivia Supreme Court orders release of jailed ex-president Jeanine Anez
-
Wall Street stocks rise after positive jobs data
-
'Hostage diplomacy': longstanding Iran tactic presenting dilemma for West
-
Rybakina stays perfect at WTA Finals with win over alternate Alexandrova
-
Le Garrec welcomes Dupont help in training for Springboks showdown
-
Brussels wants high-speed rail linking EU capitals by 2040
-
Swiss business chiefs met Trump on tariffs: Bern
-
At least 9 dead after cargo plane crashes near Louisville airport
-
France moves to suspend Shein website as first store opens in Paris
-
Spain's exiled king recounts history, scandals in wistful memoir
-
Wall Street stocks steady after positive jobs data
-
Trump blasts Democrats as government shutdown becomes longest ever
-
Indian pilgrims find 'warm welcome' in Pakistan despite tensions
-
Inter and AC Milan complete purchase of San Siro
-
Swedish authorities inspect worksite conditions at steel startup Stegra
-
Keys withdraws from WTA Finals with illness
-
Prince Harry says proud to be British despite new life in US
-
BMW boosts profitability, welcomes Nexperia signals
NYSE - LSE
Philippines health insurer hacked: What we know
Hackers have stolen the personal data of potentially millions of people from the Philippines's national health insurer, which has urged members to change their passwords after the "staggering" cyberattack.
The hackers have started releasing files including confidential memos from the stolen data to pressure the government into paying a $300,000 ransom.
Here is what we know so far about the attack, which was discovered by the Philippine Health Insurance Corporation (PhilHealth) on September 22:
What did the hackers steal?
PhilHealth and the government have yet to say exactly how many people have been impacted, but the insurer warned members in a notice that data such as addresses, phone numbers and insurance IDs was compromised.
As of June 30, according to its website, PhilHealth had more than 59 million direct and indirect contributors -- more than half the population of the Philippines.
PhilHealth asked members to monitor credit card transactions and change passwords, especially for financial services.
Separately, employee information was also stolen from the targeted computers.
The hackers released some of the data on the dark web, showing health memos and other information that a top government official described as confidential.
An investigation into the scale of the attack is ongoing, but the National Privacy Commission has described the amount of data stolen as "staggering".
Who are the hackers, and what do they want?
The Philippine government has referred to the attackers as the Medusa group, who have demanded $300,000 to restore access to PhilHealth computers and delete the stolen data.
MedusaLocker, first detected in late 2019, has been used to mainly target healthcare organisations and its creators took particular advantage of the emergency situation during the Covid-19 pandemic, according to a US government report.
The ransomware has been sold to criminal actors, and a US government cybersecurity advisory said its creator receives a cut of any ransom.
It was not clear if the Medusa group identified by the Philippines government is the creator of or an entity that purchased MedusaLocker.
How did they get the data?
On September 22, PhilHealth staff were unable to access a number of computers, which displayed a message saying hackers had locked the machines and encrypted the data.
The insurer shut down the affected systems to try and stop the attack from spreading, slowing or entirely shutting down some online services for days.
The government has so far not said exactly how hackers got access to the computers.
But in interviews with local media last week, senior PhilHealth official Israel Pargas said the insurer did not have an antivirus software at the time of the attack.
How has the government responded?
With a blunt 'No'. The Philippines does not pay ransom in any criminal cases, including cyberattacks, officials have said.
However, with hackers releasing more data from the stolen files, calls have grown for the government to conduct an audit of its cyber defences.
The National Privacy Commission said Saturday it has started an investigation into any potential lapses and data law violations by PhilHealth.
The NPC said its analysis of 734 GB of stolen data revealed "sensitive personal data", and warned the public that anyone who downloads this information could face criminal charges.
Q.Bulbul--SF-PST
